[Samba] Samba/LDAP Authentication and SSL Conflicts

Bill Alexander bill.alexander at mrcmry.com
Fri Dec 6 02:36:01 GMT 2002

My solution: 

That part about the Samba authentication was the most confusing bit, as
others suggested: I completely agree with the replies I received that
the SSL shouldn't have had anything to do with it.  And, it turns out,
it didn't.

The machine in question had cached my account's authenticator.  When it
failed to contact the LDAP server (due to the SSL problem), it relied on
its own cache.  I incorrectly assumed I was authenticating - a deeper
study of my logs revealed that SSL was completely unrelated.  I didn't
even think of this until one of my users tried to authenticate and it
didn't work.

My problem with the machine not authenticating had to do with the secret
salt in /etc/samba/secrets.tdb - the new LDAP machine's account password
hash was different.  Very frustrating, but I wiped out the old one,
rejoined the machine to the domain, and voilla - it's fixed.

Thanks again for the responses.

- Bill

On Thu, 2002-12-05 at 13:55, Bill Alexander wrote:
> I'm having a problem with Samba/LDAP authentication for Windows boxen
> from my Samba PDC.  I've diagnosed as much as I can and fiddled with
> relevant settings I know of, but I'm not making any progress.  


Bill Alexander <bill.alexander at mrcmry.com>
Mission Research Corporation

More information about the samba mailing list